The GuruXP Blog

It’s been time since I wanted to write a post like this to help people understand and choose the mailbox to be used with information sharing in organizations with Office365.

Since the point is to be able to implement the most adequate option for managing info to be shared, I’ve decided to name it «Shared info mailboxes on Office365».

So let’s start enumerating the options we have and describe them as well:

• Distribution Groups (DG): although is not a mailbox as well, it’s an option totally valid and recommended to keep in front. These are addresses enabled for sending and receiving departmental messages, but enabling all those messages to be distributed to their members as let them to respond as the department and no as individuals. It has no cost and you can practically create as much DGs as you want to.
• Shared Mailboxes: this type of mailbox allows us to send and receive departmental messages (i.e: administration@contoso.com) working like a team on a separate space than the personal mailbox, without the need of an additional license (as long as you don’t exceed the 5Gb storage limit, if you want more then you must assign a license allowing you to get up to 25Gb). Of course the user will still need an individual Exchange Online license assigned in order to access this mailbox.
•  Site Mailboxes: it’s like a shared mailbox, but the difference is the Platform where it resides, specifically in SharePoint Online so it can be viewed as a library inside the intranet portal keeping the attachments and Exchange Online for saving the body of the messages. This type of mailbox can be mail enabled in order to receive messages but doesn’t allows you to send messages as a departmental unit. It’s limit is 5Gb and needs no license to be assigned, but the user still needs an Exchange Online and a SharePoint Online license.
•  Modern Public Folders: that’s it, «Modern». Due that Microsoft removed the public folders functionality of their online Platform and now they’ve implemented it, they’ve decided to do it using the Exchange 2013 technology with some performance improvements. This the of mailbox is maybe the most comfortable of the options when it has to do with large orgs because it has no hard limits on the number of concurrent connections to it. As same as the rest of the options, it doesn’t need no license to be assigned but of course the users that want to access them still need an Exchange Online license to be assigned. Its limit is awesome compared to the other options as it gives 25Gb per public folder mailbox and you can get up to 50 public folder mailboxes, that’s about 1,25Tb of free storage.

In order to make things easy for you, I’ve decided to make a comparison table of what I think are the most important things to keep in mind when making a decision over every situation:

It’s not a big thing but sure helps someone. Although I will be writing a single post for ever type of mailbox named here so I can show up how to configure them and tell the positive and negative things about them.

Until next one!

It just launched the Network Analysis Tool for Office365 based on cloud (there’s no need to install any thing). On previous versions of Office365  like BPOS, there was a web-based tool that allowed you to measure the bandwidth of the Internet for Exchange Online, and then it came out another similar tool but for Lync Online Services. Besides the Exchange Online tool gotnremoved though it was very useful to determine if the client’s internet would be enough fornexchange online implementations or of you needed to have more.

Well, after several months, Microsoft has decided to re-launch this tool but improved, as it allows you not to only detect and resolve Office365 connectivity problems (including Lync), but also measure the internet bandwidth with exhaustive tests for Office365 implementations.

El the only requisites are Java and at least Internet Explorer 8.

Here are the urls:

North america:

• http://na.deployoffice365.com/
• http://na1-fasttrack.cloudapp.net/
• http://137.117.73.108/

Europe:

• http://emea.deployoffice365.com
• http://em1-fasttrack.cloudapp.net/
• http://137.117.182.107

Asia:

• http://apac.deployoffice365.com
• http://ap1-fasttrack.cloudapp.net
• http://137.116.128.60

Enjoy!

One of Exchange Online functionalities as part of the Office365 suite is the ability to forward mails to another mailbox or smtp address quick and easy using the users Office365 portal. Besides, what happens when you have to do it as an admin on 500 users at a time? it results tedious right?.

well, we can do this quickly with the help of PowerShell with the following commands:

Forward mails to another mailbox:

Set-Mailbox user@domain.com -ForwardingAddress dest_mailbox@domain.com

Forward mailbox without saving a local copy:

Set-Mailbox user@domain.com -ForwardingAddress dest_mailbox@domain.com -DeliverToMailboxAndForward $false

Forwarding mails to another external mailbox:

Set-Mailbox user@domain.com -ForwardingSmtpAddress ext_mailbox@domain.com

Forwarding mails to another external mailbox without saving a local copy:

Set-Mailbox user@domain.com -ForwardingSmtpAddress ext_mailbox@domain.com -DeliverToMailboxAndForward $false

Apply the forwarding to users in mass:

Get-Mailbox | Where {$_.RecipientType -eq «UserMailbox»} | Set-Mailbox -ForwardingAddress dest_mailbox@domain.com

Apply the forwarding to users to be sent to external users in mass:

Get-Mailbox | Where {$_.RecipientType -eq «UserMailbox»} | Set-Mailbox -ForwardingSmtpAddress ext_mailbox@domain.com

Get forwarding Info of a user:

Get-Mailbox -Identity user@domain.com | fl DeliverToMailboxAndForward, ForwardingAddress, ForwardingSmtpAddress

Remove mail forwarding:

Set-Mailbox user@domain.com -ForwardingAddress $null

Remove mail forwarding sent to an external user:

Set-Mailbox user@domain.com -ForwardingSmtpAddress $null

Remove mail forwarding to users in mass:

Get-Mailbox | Where {$_.RecipientType -eq «UserMailbox»} | Set-Mailbox -ForwardingAddress $null

Remove mail forwarding sent to external users to users in mass:

Get-Mailbox | Where {$_.RecipientType -eq «UserMailbox»} | Set-Mailbox -ForwardingSmtpAddress $null

To disable the mail forwaring option to users:

Read this post

Hope it´s useful.

On this month of 2013, i´ve writen 4 posts so far:

• Data Loss Prevention with Office365 Exchange Online
• Attaching mailboxes on Outlook with Office365
• Disable E-Mail forwarding in OWA
• Public Folders on Office365 Exchange Online

I Wish you find them useful, let me know if they are

On this post i´ll explain something that´s been a problem for most of us at the time of migration from on-premises Exchange to Exchange Online… Public Folders.

When Microsoft published his first versión of Microsoft Exchange as SaaS (Software as a Service) named BPOS, it didn´t Support public folders otherwise it was an hybrid environment in this would have been stored on-premises and probably implement this feature on the next versión of the platform (Wave 14). Well the next version came and the feature wasn´t supported, even more, Online services Support told it was never going to be introduced because it was an obsolete feature also to be removed from on-premises future products. To workarround this area we have some alternatives like shared mailboxes or sharepoint libraries, but they´re not enough.

Finally Microsoft made a great effort afert listening the IT Community and who are in charge of such migrations, introducing two new features  onto Exchange Onlines new platform (Wave 15): Public Folders and Site Mailboxes.

On todays post i´ll be centered only on public folders, maybe it can result a Little bit long but it´s worth it.

First of all, the limitations:

• It´s not recommended to use this feature for archiving, for this purpose there´s the archiving feature available on Exchange Online Plan 2 and Office365 Plan E3 or even document libraries available on Sharepoint Online.
• It´s very important not to store more than 5000 elements on the main folders. This is more an Outlook limitation than Exchange Online because in theory storing beyond that number Outlook will begin to reduce its performance and so on we´ll get errors and pauses like «Outlook is not responding» (even if it does in a while).
• Public Folders are compatible with OWA, besides it will not be posible to create or delete them.
• The content of those folders are not indexed by Exchange Search, so we could search of a single folder but not in recursive mode.
• Retention policy tags are not compatible.
• It´s mandatory to use Outlook 2007 or newer (obviously).

Things to keep in mind:

• We can store documents, mails and messages.
• We can mail-enable public folders to receive automatically mails or even make them form part of a Distribution Group.
• When mail-enabling a public folder, we can configure limits and assign permissions to SendOnBehalfOf and SendAs.
• The changes will be synced every 15 minutes if there are users connected, if there aren´t any, it will do every 24 hours. Besides if the modification occurs on a root structure, the changes will be synced inmediately using an asynchronous sync.

Public Folders set-up on Exchange Online

Once we know the limitations and the things to keep in mind, lets proceed to configure this new feature:

1. First of all, Access the Office365 Portal with our Admin credentials and click on Admin – Exchange to enter the Exchange Online admin console.
   
2. Then click on Public Folders located on the left side.
   
3. Click on the Public Folders Mailboxes located on the upper side.
   
4. Hit the «+» button to create a new mailbox and indicate a name (i.e. IT) and hit on Save.
5. Once it´s been created the public folder mailbox, lets create a new public folder structure, to do so, click on the upper side where it says Public Folders.
   
6. Hit the «+» button to create a new folder, indicate a name and hit on save.
   
7. Then hit on the Pencil button to edit the recently created folder and configure features like retention policies (do not confuse with retention tags), limits and read mark status (user based or general)
   
8. Once done, assign permissions, simply click on the right side link where it says Folder Permissions and click on Manage.
   
9. Once inside we can give users access to this folder and wich permissions will it have (including the visible folder permission).
   
10. Repeat the process with all the folders we want and give a shape to the structure we want.

Now the checking part:

1. Enter our Outlook and Enable the folders view (it´s the only way to view public folders in Outlook).
   
2. Observe the public folders located on the bottom side. In my case, i´ve created two profiles, Josh Smith (User) and Alberto Pascual (Admin) in order to demonstrate the differences on the applied permissions. I´ve created a folder structure wich has three folders, one root folder (Cloud Support) and two child (E Plans y P Plans). Josh has view only permissions on the P Plans folders and the first image shows it, and on the second one shows Alberto structure:
   

Well, we´ve created a public folder mailbox, a public folder structure, assgined permissions and checked through two profiles on Outlook, but How do we do it on OWA?

1. Access our OWA
2. Right Click on the Favorites and click on Add Public Folder
   
3. Select a folder to show and click on Accept. you´ll see the differences of the permissions applied to both users, Josh (first image) and Alberto Pascual (second image).
   
4. We´ll have the public folders listed on the upper side on the favorites area.
   

Hope many of you find it useful.

Hi, a few days ago a client of mine made a petition where he needed to be able to prohibit some users the option to forward their e-mails from Outlook Web App in Exchange Online.

The case is that on an Exchange On-Premises is very easy, but on Exchange Online there´s no visible option to do so but with PowerShell and RBAC it´s posible and wanted to share it with you.

First of all, we need to get our PowerShell environment ready for the use with Office365.

Login to tour Office365 subscription with Admin credentials with the following commands::

$LIveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LIveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session

Once we´re inside, we must enable Organization Customization in our subscription:

Enable-OrganizationCustomization

Create a new management role taking the base role as a base with the following command:

New-ManagementRole -Name Role_Name -Parent MyBaseOptions

Delete the forwarding attribute of the newly created role:

Set-ManagementRoleEntry Role_Name\Set-Mailbox -Parameters DeliverToMailboxAndForward -RemoveParameter

Create a new policy:

New-RoleAssignmentPolicy Policy_Name

Create a new management role assignment with the created role and policy:

New-ManagementRoleAssignment -Role Role_Name -Policy Policy_Name

Lastly, assign this configuration to the user we want to:

Get-Mailbox user@domain.com | Set-Mailbox -RoleAssignmentPolicy Policy_Name

If everything went ok, when the user logs in his Outlook Web App, it will be able to see on the right side the link to enable the e-mail forwarding option (image1), but different than a normal user (image2), the necessary fields to enable the forwarding will not appear (image3):

Image1:

Image2:

Image3:

Until next time.

On todays post. i´ll explain how to attach Office365 mailboxes inside Microsoft Outlook, either if they´re shared or personal.

For most, the easiest way to do so is using Microsoft Outlook interface, perhaps this results tedious when doing it on many users and is also unefficient because it gives the user the right to remove it without any permission.

To do so, it´s necessary to have our environment ready for Office365 administration with PowerShell and log in with admin credentials with the following code:

$LiveCred = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection Import-PSSession $Session

Once inside, run the following command (note the Automapping parameter):

Add-MailboxPermission -Identity shared_mailbox@domain.com -User user@domain.com -AccessRights FullAccess -AutoMapping:$true

And we´ll get the following results:

This way, when we Access Microsoft Outlook, we´ll get the attached mailbox below our personal :

Also, note that when accesing the Microsoft Exchange account properties inside Outlook, we will not see any additional mailboxes listed we could remove:

To remove an attached mailbox, simply run the following command:

Remove-MailboxPermission -Identity shared_mailbox@domain.com -User user@domain.com -AccessRights FullAccess

Until next post.

One of the new features that Office365 Exchange Online Plan 2 brings us is the Data Loss Prevention (DLP) feature. This helps us keep our organizations important information like credit cards numbers, social security ids, banking accounts, etc out of any leaks, either they´re going out intentionally or even accidentally.

DLP is done with the help of Exchange Online Transport Rules, with the use of conditions and actions based on policies we configure through the Office365 portal and be able to classify both incoming and outgoing messages. In order to help us, DLP includes a list of predefined templates we can use fast and easy to configure DLP succesfully

So let´s stop talking and get hands on configuring this great feature:

1. First of all, access our Office365 Portal with our Admin credentials.
2. Click on the upper right side where it says «Admin» and then click on «Exchange«.
3. On the left side where it says «Compliance Management» and then on the upper side «Data Loss Prevention«.
4. Click on the «+» symbol to add a new policy and select any of the three available options: New DLP Policy from template, Import DLP Policy, or New custom Policy. In our case we´ll select the first option.
5. Give it a name, a description and select a predefined template from the list (i.e. U.K. Financial Data).
6. Click on «More options» and select the Enforce option. Then click on Save.
7. You should be able to see the recently created policy. Click on the Little pencil icon in order to edit.
8. Here we can create and customize with rules the policy to treat the data and take actions like forwarding the message for the sending approval to the person on charge of the Data Treatment.

It´s very important to highlight that the Policy tips appeared when a user accomplishes a DLP policy when writing a new E-mail, will only appear if the message is being written using Microsoft Outlook 2013, because OWA and the lower versions of Microsoft Outlook are not compatible with Policy Tips as they cannot proccess them. But this doesn´t mean that DLP cannot be implemmented nor even work, DLP policys will still be working on the background thanks to the transport rules.

The advantage of Policy tips that Outlook 2013 uses, is that enables the user to specify the designated moderator a motive why he needs to send that Info to the recipient as shown on the following image:

I hope you find this usefull.

On this month of 2013, i´ve writen 7 posts so far:

• Add connected accounts to OWA – Office365
• Access Office365 Small Business ECP
• Configure SendAs and SendOnBehalfOf on the new Office365
• Want to attend Teched 2013?
• Get subscription managed by Office365 Partner
• Creating shared mailboxes in Office365 – Wave15
• Enable Offline OWA

I Wish you find them useful, let me know if they are

One of the functionality that Outlook Web App brings us is the ability to connect external mail accounts like a gmail.com one to our interface, so we can send and receive mails from it using our Outlook Web App interface, wich is specially usefull for those who think like me that some webmail interfaces are not the way wich should be, or are not functional or intuitive like the one that Office365 offers us.

So what do we need? very simple:

• An active Office365 subscription with Exchange Online included.
• Username and Password of the account to be connected (generally the username is the email address)

If the mail server of the account to be connected has the capacity to provide  the autodiscover values for mail programs, then we shouldn´t have any problems and have the need of anything else.

So lets get it working:

1. First of all Acces our OWA inside Office365.
2. Click on where it says «Outlook«:
   
3. Click on the little gear located on the upper right side and then click on «options«:

   

4. Then click on «Connected Accounts» and then on the «+» button:

   

5. Type in the username and password of the account to connect and then click on «Next«, This will validate the credentials and add the account to the pannel:

   

6. Once the account has been validated double click on the account to configure the name we want to show up on outgoing mails sent using this account:

   

7. If we take a look, just after the list of the connected accounts, we will have a little droplist where we can select the address to reply from by default, but we can also select the default value to let the system to use the account to reply to wich received the mail:
   
8. Once the connected account has been configured, go to «Outlook» and observe when typing a new mail we´ll have a new field available called «From:» where we can select the Office365 account or the recently connected account we´ve added to send the new mail:
   

Enjoy it.